homelab/traefik
1
0
Fork 0
Code Activity

Detect certificates content modifications

Browse source 
Co-authored-by: Romain <rtribotte@users.noreply.github.com>
Co-authored-by: Mathieu Lonjaret <mathieu.lonjaret@gmail.com>
This commit is contained in:
Jean-Baptiste Doumenjou 2021-07-13 14:14:35 +02:00 committed by GitHub
parent 3c1ed0d9b2
commit e1f5866989
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 140 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

31
pkg/provider/file/file_test.go
View file

@ -25,19 +25,35 @@ type ProvideTestCase struct {
expectedNumTLSOptions int
}
func TestTLSContent(t *testing.T) {
func TestTLSCertificateContent(t *testing.T) {
tempDir := t.TempDir()
fileTLS, err := createTempFile("./fixtures/toml/tls_file.cert", tempDir)
require.NoError(t, err)
fileTLSKey, err := createTempFile("./fixtures/toml/tls_file_key.cert", tempDir)
require.NoError(t, err)
fileConfig, err := os.CreateTemp(tempDir, "temp*.toml")
require.NoError(t, err)
content := `
[[tls.certificates]]
certFile = "` + fileTLS.Name() + `"
keyFile = "` + fileTLS.Name() + `"
keyFile = "` + fileTLSKey.Name() + `"
[tls.options.default.clientAuth]
caFiles = ["` + fileTLS.Name() + `"]
[tls.stores.default.defaultCertificate]
certFile = "` + fileTLS.Name() + `"
keyFile = "` + fileTLSKey.Name() + `"
[http.serversTransports.default]
rootCAs = ["` + fileTLS.Name() + `"]
[[http.serversTransports.default.certificates]]
certFile = "` + fileTLS.Name() + `"
keyFile = "` + fileTLSKey.Name() + `"
`
_, err = fileConfig.Write([]byte(content))
@ -48,7 +64,16 @@ func TestTLSContent(t *testing.T) {
require.NoError(t, err)
require.Equal(t, "CONTENT", configuration.TLS.Certificates[0].Certificate.CertFile.String())
require.Equal(t, "CONTENT", configuration.TLS.Certificates[0].Certificate.KeyFile.String())
require.Equal(t, "CONTENTKEY", configuration.TLS.Certificates[0].Certificate.KeyFile.String())
require.Equal(t, "CONTENT", configuration.TLS.Options["default"].ClientAuth.CAFiles[0].String())
require.Equal(t, "CONTENT", configuration.TLS.Stores["default"].DefaultCertificate.CertFile.String())
require.Equal(t, "CONTENTKEY", configuration.TLS.Stores["default"].DefaultCertificate.KeyFile.String())
require.Equal(t, "CONTENT", configuration.HTTP.ServersTransports["default"].Certificates[0].CertFile.String())
require.Equal(t, "CONTENTKEY", configuration.HTTP.ServersTransports["default"].Certificates[0].KeyFile.String())
require.Equal(t, "CONTENT", configuration.HTTP.ServersTransports["default"].RootCAs[0].String())
}
func TestErrorWhenEmptyConfig(t *testing.T) {